ruby-core

Issue #12660 has been updated by Tomoyuki Chikanaga.

Backport changed from 2.1: REQUIRED, 2.2: REQUIRED, 2.3: REQUIRED to 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE

ruby_2_3 r55961 merged revision(s) 55822.

----------------------------------------
Bug #12660: [PATCH] openssl: avoid undefined behavior on empty SSL_write
https://bugs.ruby-lang.org/issues/12660#change-60198

* Author: Eric Wong
* Status: Closed
* Priority: Normal
* Assignee: Kazuki Yamaguchi
* ruby -v: 
* Backport: 2.1: REQUIRED, 2.2: REQUIRED, 2.3: DONE
----------------------------------------
SSL_write(3ssl) manpage has this in the WARNINGS section:

       When calling SSL_write() with num=0 bytes to be sent the
       behaviour is undefined.

And indeed, the new test case demonstrates failures when
empty strings are used.  So, match the behavior of IO#write,
IO#write_nonblock, and IO#syswrite by returning zero, as the
OpenSSL::SSL::SSLSocket API already closely mimics the IO one.

* ext/openssl/ossl_ssl.c (ossl_ssl_write_internal):
  avoid undefined behavior
* test/openssl/test_pair.rb (test_write_zero): new test


Comments?  Will commit in a week or so if no response.


---Files--------------------------------
0001-openssl-avoid-undefined-behavior-on-empty-SSL_write.patch (2.17 KB)


-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>